EstDomains Accused of Malware

By David Hamilton, theWHIR.com

September 10, 2008 — (WEB HOST INDUSTRY REVIEW) – A blogger has accused Estonian registrar EstDomains (estdomains.com) of involvement in hundreds of online scams, of being the single largest source of domains affiliated with fake “codec” scams, and of turning a blind eye to such activity.

According to a blog article by Brian Krebs in the Washington Post technology blog SecureFix, at least one-third of a sample of 10,000 domains are currently blacklisted by SURBL.org’s junk e-mail list.

EstDomains registry liaison Konstantin Poltev responded to SecureFix, writing that he had suspended all the malicious sites he identified; however, Krebs quickly found hundreds more.

Poltev said EstDomains responds to complaints within 24 hours. “However, sometimes making any decision is nearly impossible as there is an obvious lack of evidences, which prove the reported domain name’s involvement in the infringement of the registration agreement,” Poltev stated in an e-mail.

Krebs has written about EstDomains before, noting that chief executive officer Vladimir Tsastsin is “no stranger to organized crime,” having been convicted of various frauds and money laundering charges in Estonia.

The many malicious sites it has registered include fake anti-spyware, traffic hijacking, and fake codec sites, which tell visitors of compromised legitimate sites or fake adult content sites that they need to install a special video codec in order to view videos.

EstDomains is a customer of California-based web host Atrivo (atrivo.com), which was the subject of a research report by Hostexploit (hostexploit.com) in late August that identified it as a major, long-time host of fake anti-virus products, spyware, adware and viruses.
